Privacy Policy

1. Scope of Application

This Privacy Policy (hereinafter referred to as “this Policy”) sets forth how the Company handles personal information obtained and managed in connection with the use of the Services, including our websites and applications.

2. Types of Personal Information Collected and Purposes of Use

2-1. Types of Personal Information

1. Account registration information: Username, email address, password, affiliated organization, and payment information (for paid plans)
2. User-provided content: Data inputted or uploaded by users through the Services (e.g., full-text papers, summaries, comments, etc.)
3. Usage data: Access logs, browsing history, IP address, device information, cookies, and similar identifiers
4. Payment information: Credit card details, billing address, and transaction history (Note: such data is managed by third-party payment processors and not retained by the Company)

2-2. Purposes of Use

• To provide and maintain the Services
• To respond to inquiries and troubleshoot issues
• To analyze usage and improve the Services
• To prevent unauthorized or fraudulent use
• To process billing and payments for paid plans
• To comply with applicable laws and regulations

The Company’s AI features incorporate inference technologies powered by external large language models (LLMs). We do not transmit personal information to such external LLMs. If transmission becomes necessary, we will obtain the user's explicit consent in advance.

3. Use of External APIs and AI Services

• No personal information is transmitted to external services (unless prior user consent is obtained)
• Data is configured to prevent use for model training or service improvement
• Data retention is kept to the minimum required and deleted once the purpose is fulfilled
• Users are advised not to input confidential or sensitive information

4. Provision to Third Parties and International Data Transfers

The Company may provide personal information to third parties or transfer it outside of Japan only under the following circumstances:

1. With the user’s explicit consent
2. When required by applicable laws or regulations
3. When necessary for outsourcing operations (e.g., payment processing, server maintenance, analytics services)

The Company selects subcontractors that meet appropriate security and contractual standards.

5. Data Retention and Deletion

• Retention periods are determined based on applicable laws and operational requirements
• Personal data is securely deleted once the intended purpose has been fulfilled
• Logs and backups are also handled in accordance with the same standards

6. Security Measures

• Technical measures: Encryption, access controls, audit logs, etc.
• Organizational measures: Appointment of responsible personnel, employee training, internal policy enforcement
• Physical measures: Access control to servers, secure handling of devices and physical documents

7. User Rights and How to Exercise Them

Users have the following rights:

• Right to know, request disclosure, correction, deletion, and opt out of data sale or sharing
• Requests can be submitted through the [contact form]
• We may require identity verification or verification of representation by an agent
• In principle, requests will be addressed within 45 days (extensions up to an additional 45 days may apply under certain conditions)

8. Use of Cookies and Similar Technologies

• Cookies are used to maintain login sessions, preserve settings, analyze usage, and deliver advertising
• Users can disable cookies via browser settings, but doing so may limit certain features

9. Changes to this Privacy Policy

• Users will be notified in advance of material changes
• Minor changes will become effective upon publication
• Continued use of the Services after revisions constitutes acceptance of the updated Policy

10. Privacy Rights of U.S. Users (California Privacy Rights and U.S. Consumer Privacy Laws)

1. Rights of U.S. Users

• Right to Know
• Right to Access
• Right to Correct
• Right to Delete
• Right to Opt Out of Sale or Sharing
• Right to Limit Use of Sensitive Personal Information
• Right to Non-Discrimination

2. How to Exercise Your Rights

• By submitting a request via the Do Not Sell or Share My Personal Information link at the bottom of our website
• By contacting us via our contact form
• Identity verification or verification of an authorized agent may be required
• Requests are generally processed within 45 days (extensions may apply as permitted by law)

3. Opt-Out Link Placement

The Company has placed a “Do Not Sell or Share My Personal Information” link in the footer of our website to allow California residents to opt out of the sale or sharing of personal information. Through this link, users can request the cessation of third-party sharing of identifiers such as cookies or advertising IDs.

4. Disclosure Request under the Shine the Light Law

Under California’s “Shine the Light” law, residents may request once per year a list of categories of personal information shared with third parties for marketing purposes and the names of those third parties.

5. Information of Minors

The Company does not knowingly collect personal information from individuals under the age of 13. If a parent or guardian becomes aware that their child has provided personal information, they may contact us via the contact form to request deletion.

11. Language

In the event of any discrepancy or inconsistency between the Japanese version and other language versions of this Policy, the Japanese version shall prevail.